AWSCloudWatch Schema #
Table description #
| TableSection | TableType | TableSectionName | Description |
|---|---|---|---|
| Usx | Regular | Microsoft Sentinel | The CloudWatch Logs provide performance and billing data from the AWS CloudWatch service which helps the user better understand and operate the AWS system and application. |
Table retention #
| HotDays | ColdDays | TotalInteractiveDays |
|---|---|---|
| 14 | 76 | 90 |
Schema #
| Name | Description | Type |
|---|---|---|
| _BilledSize | Double | |
| _IsBillable | String | |
| ExtractedTime | The timestamp (UTC) of when the event was generated. | DateTime |
| Message | The data contained within logs from CloudWatch. | String |
| SourceSystem | String | |
| TenantId | String | |
| TimeGenerated | The timestamp (UTC) when the event was generated and equals to ‘ExtractedTime’ when included in message. If timestamp is missing, it’s set to the ingestion time. | DateTime |
| Type | The name of the table | String |
Schema changes #
| Date | Action |
|---|---|
| 2024-10-18 | Table added to tracking |